Re: Where can I learn about encrypting USB flash drives?

Discussion in 'Computer Security' started by nemo_outis, Mar 27, 2009.

  1. nemo_outis

    nemo_outis Guest

    wrote in news::

    > I would like to encrypt the data on a USB flash drive to I can send
    > (mail) sensitive data to other people. The data isn't valuable (no
    > credit card data), but it's private (client data). If the usb drive is
    > lost or stolen, I don't want anyone to be able to read the data
    > without the password.
    >
    > This is for Windows XP.
    >
    > Is there a product that has these features:
    >
    > 1. When inserted into a USB drive, the user is prompted for the
    > password. Without the password, the drive cannot even be viewed (not
    > even filenames).
    >
    > 2. Once the password is entered, any application can access the files
    > just as if it were not encrypted until the drive is removed.
    >
    > 3. The data is physcially encrypted (not just the directory) so that
    > it cannot be read by hacker tools that bypass the OS.
    >
    > 4. Any new data that is put there is automatically encrypted using the
    > same password.
    >
    > I don't know much about encryption. I'm willing to study if someone
    > can point me in the right direction.


    There are a number of things to consider:

    1) While a USB stick can be a good choice consider other media as well.
    I suggest in particular Secure Digital memory (or mini/micro versions)
    such as used in many cameras. Their small size and flatness makes them
    mail extremely well without damage. They're cheap too (especially the
    ones that aren't high performance)- about $5 for 2 gigs. A reusable
    adapter for the recipient to use them in a regular computer USB slot
    costs only $5-10 dollars and is available in most computer or camera
    stores.

    2) The simplest encryption (especially if the recipient is not very
    computer savvy) is an encrypted self-extracting zip (or better, rar) file
    which can handle a complete directory tree - rar is better because it
    encrypts names as well as contents. Such an encrypted file looks just
    like any other executable file (I assume your recipients trust you and
    are not freaked out by this). When they execute it it prompts them to
    enter the password and then extracts the contents wherever they indicate
    in the resultant popup.

    3) If you want extremely strong and convenient portable security then
    the best by far is Ironkey (blows encrypted competitors like Kingston
    Traveller, etc. into the weeds). FIPS-2 Level 2 security against
    tampering, self-destruct on 10 wrong passwords, etc. However, it is
    **pricey** as USB stick go - you won't want to be be mailing many of
    these unless you're as rich as Croesus :) I use them for carrying
    critical data with me but I would never think of using them as
    "giveaway" media.

    4) There are fancier encryption schemes (e.g., truecrypt) but these
    require the recipient to be more active than merely plugging in the
    stick. One simple free encryption program that has been recommended to me
    by an informed user is Axcrypt - you might look into that.

    In short, unless you have special needs and until you have more
    experience, stick with just my point 2 (and maybe point 1).

    Regards,

    PS Incidentally, using SD memory for mailing info lends itself very well
    to stego embedded in, say, jpegs.
    nemo_outis, Mar 27, 2009
    #1
    1. Advertising

  2. nemo_outis

    nemo_outis Guest

    wrote in news::

    >>1) While a USB stick can be a good choice consider other media as
    >>well. I suggest in particular Secure Digital memory (or mini/micro
    >>versions) such as used in many cameras. Their small size and flatness
    >>makes them mail extremely well without damage. They're cheap too
    >>(especially the ones that aren't high performance)- about $5 for 2
    >>gigs. A reusable adapter for the recipient to use them in a regular
    >>computer USB slot costs only $5-10 dollars and is available in most
    >>computer or camera stores.

    >
    > Good idea, thanks. I presume that these look like another drive just
    > like the USB flash drives, right? So, whether I use a USB stick or one
    > of the camera cards, I'd still have the same encryption problem.


    Yep, the underlying technology is the same with the same pros and cons;
    it's just a matter of "form factor."

    ....
    > I've used encrypted zip files before. They're great for some
    > applications. For this particular application, I don't want the hassle
    > of zipping and unzipping, even if self-extracting. I want it to work
    > just like a floppy disk except that it's encrypted. It's going to get
    > passed back and forth and both of us will be adding and deleting
    > files. I want to do that just like a regular folder (after the
    > password has been entered once).


    For the features you want you will need a true OTFE encryption program.
    There are quite a few of these - Truecrypt is free and is as good as any.
    Be aware that the program must be installed on both the sender's and
    receiver's machines. Even if used in "traveller" mode this still
    involves a driver and so the users must have administrative privileges
    (This may be problematic in some corporate settings).

    ....

    >>PS Incidentally, using SD memory for mailing info lends itself very
    >>well to stego embedded in, say, jpegs.

    >
    > This would also be true of the flash sticks, right?


    Yes, but since SD memory is specifically camera memory, jpegs (e.g.,
    holiday snapshots) are completely expected and so are unlikely to arouse
    any suspicion and pass inspection without serious scrutiny.

    Regards,

    PS I don't know the specifics of your situation, but it seems to me that
    Rapidshare (or some such service) could be used to achieve your
    objectives with shorter turnaround time and even better security. This
    is especially so if your USB-containing mail would cross an international
    border and be subject to customs inspection (even first-class issubject
    to inspection in many jurisdictions, and some prohibit it containing
    "hardware").

    If you wish to achieve maximum protection from traffic analysis then
    alternately (anonymously) posting and retrieving encrypted files to/from
    various binary newsgroups could be an attractive method.
    nemo_outis, Mar 27, 2009
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Arawak

    Can USB flash drives be made bootable?

    Arawak, Jul 30, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    456
    Arawak
    Aug 16, 2003
  2. Arawak

    Vista and Flash Drives (Thumb/USB drives)

    Arawak, Apr 25, 2007, in forum: Computer Support
    Replies:
    2
    Views:
    614
  3. Replies:
    2
    Views:
    710
  4. Colin B

    Can USB Flash Drives speed up your system?

    Colin B, Mar 10, 2007, in forum: NZ Computing
    Replies:
    23
    Views:
    1,565
    Fred Dagg
    Mar 12, 2007
  5. Ari®
    Replies:
    2
    Views:
    494
    Ari®
    Mar 30, 2009
Loading...

Share This Page